Crypto industry lost $413 million in Q3 2024, down 40% YoY

GhSo...taPv
29 Sept 2024
35


Crypto hackers raked in over $413 million in Q3 2024. Immunefi says DeFi remains a "fertile ground" for black hat hackers.

According to a report by bug bounty platform Immunefi, the crypto industry lost $413 million in crypto to hacks and scams in Q3 this year. This is down 28% from the previous quarter ($573 million) and 40% from the same period last year ($686 million).
Immunefi highlights the large amount of money locked in DeFi protocols as a lucrative bait for hackers, with the current TVL reaching nearly $90 billion, according to data from DefiLlama.

Hacks/attacks dominated Q3, accounting for 99.3% ($409.9 million) of total losses from 31 incidents. Meanwhile, fraud, scams, and rug pulls accounted for just 0.7% ($3.1 million) from 3 incidents.
July saw the highest losses of the quarter at $282 million. August saw a sharp drop to just $15 million. However, September saw another $116 million in losses.
The Ethereum blockchain was a popular target for hackers, with 15 reported thefts, compared to just eight on BNB Chain and two on Base. Overall, there were only two cases of recovered stolen assets: the MEV attack on Ronin Network, which recovered $10 million from a $12 million hack, and ShezmuTech, which reversed the entire $4.9 million loss.

Most of the victims in Q3 2024 were cryptocurrency exchanges, with India’s WazirX losing $235 million and Singapore’s BingX losing $52 million. The remaining 32 hacks accounted for 32% of the total losses.
Mitchell Amador, founder and CEO of Immunefi, shared:

“We are seeing an increasing number of incidents targeting DeFi, while CeFi has fewer incidents but often has more serious consequences, with hundreds of millions of dollars stolen in a single attack.”
He also stressed that CeFi’s biggest infrastructure issue is private key management, which is crucial to maintaining custody of crypto assets. However, this is often not covered by security audits, and requires very stringent key management policies, practices, and contingency plans.

WazirX is an unfortunate case of losing funds after hackers compromised its private keys. The platform has had to suspend withdrawals and freeze trading since July 18, and is seeking protection from the Singapore court to have time to restructure.
To date, Immunefi has paid out over $100 million in bounties. These payouts spanned three years and were made from over 3,000 bug reports, the largest being $10 million for a vulnerability discovered in the cross-chain Wormhole protocol.

Get fast shipping, movies & more with Amazon Prime

Start free trial

Enjoy this blog? Subscribe to vuabaiyugioh

0 Comments